Start of true master ha

filter_plugins/oo_filters.py

@@ -243,6 +243,21 @@ class FilterModule(object):
         return string.split(separator)
 
     @staticmethod
+    def oo_haproxy_backend_masters(hosts):
+        ''' This takes an array of dicts and returns an array of dicts
+            to be used as a backend for the haproxy role
+        '''
+        servers = []
+        for idx, host_info in enumerate(hosts):
+            server = dict(name="master%s" % idx)
+            server_ip = host_info['openshift']['common']['ip']
+            server_port = host_info['openshift']['master']['api_port']
+            server['address'] = "%s:%s" % (server_ip, server_port)
+            server['opts'] = 'check ssl verify none'
+            servers.append(server)
+        return servers
+
+    @staticmethod
     def oo_filter_list(data, filter_attr=None):
         ''' This returns a list, which contains all items where filter_attr
             evaluates to true
@@ -408,4 +423,5 @@ class FilterModule(object):
             "oo_filter_list": self.oo_filter_list,
             "oo_parse_heat_stack_outputs": self.oo_parse_heat_stack_outputs,
             "oo_parse_certificate_names": self.oo_parse_certificate_names
+            "oo_haproxy_backend_masters": self.oo_haproxy_backend_masters
         }

playbooks/common/openshift-master/config.yml

@@ -34,7 +34,9 @@
       - role: common
         local_facts:
           hostname: "{{ openshift_hostname | default(None) }}"
+          ip: "{{ openshift_ip | default(None) }}"
           public_hostname: "{{ openshift_public_hostname | default(None) }}"
+          public_ip: "{{ openshift_public_ip | default(None) }}"
           deployment_type: "{{ openshift_deployment_type }}"
       - role: master
         local_facts:
@@ -207,6 +209,30 @@
       parsed_named_certificates: "{{ openshift_master_named_certificates | oo_parse_certificate_names(master_cert_config_dir, openshift.common.internal_hostnames) }}"
     when: openshift_master_named_certificates is defined
 
+- name: Compute haproxy_backend_servers
+  hosts: localhost
+  connection: local
+  sudo: false
+  gather_facts: no
+  tasks:
+  - set_fact:
+      haproxy_backend_servers: "{{ hostvars | oo_select_keys(groups['oo_masters_to_config']) | oo_haproxy_backend_masters }}"
+
+- name: Configure load balancers
+  hosts: oo_first_master
+  vars:
+    haproxy_frontends:
+    - name: atomic-openshift
+      bind: "*:80"
+      default_backend: atomic-openshift
+    haproxy_backends:
+    - name: atomic-openshift
+      balance: roundrobin
+      servers: "{{ hostvars.localhost.haproxy_backend_servers }}"
+  roles:
+  - role: haproxy
+    when: groups.oo_masters_to_config | length > 1
+
 - name: Configure master instances
   hosts: oo_masters_to_config
   vars:

roles/haproxy/README.md

@@ -0,0 +1,34 @@
+HAProxy
+=======
+
+TODO
+
+Requirements
+------------
+
+TODO
+
+Role Variables
+--------------
+
+TODO
+
+Dependencies
+------------
+
+TODO
+
+Example Playbook
+----------------
+
+TODO
+
+License
+-------
+
+Apache License, Version 2.0
+
+Author Information
+------------------
+
+Jason DeTiberus (jdetiber@redhat.com)

roles/haproxy/defaults/main.yml

@@ -0,0 +1,13 @@
+---
+haproxy_frontends:
+- name: main
+  bind: "*:80"
+  default_backend: default
+
+haproxy_backends:
+- name: default
+  balance: roundrobin
+  servers:
+  - name: web01
+    address: 127.0.0.1:9000
+    opts: check

roles/haproxy/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: restart haproxy
+  service:
+    name: haproxy
+    state: restarted

roles/haproxy/meta/main.yml

@@ -0,0 +1,12 @@
+---
+galaxy_info:
+  author: Jason DeTiberus
+  description: HAProxy
+  company: Red Hat, Inc.
+  license: Apache License, Version 2.0
+  min_ansible_version: 1.9
+  platforms:
+  - name: EL
+    versions:
+    - 7
+dependencies: []

roles/haproxy/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+- name: Install haproxy
+  yum:
+    pkg: haproxy
+    state: present
+
+- name: Configure haproxy
+  template:
+    src: haproxy.cfg.j2
+    dest: /etc/haproxy/haproxy.cfg
+    owner: root
+    group: root
+    mode: 0644
+  notify: restart haproxy
+
+- name: Enable and start haproxy
+  service:
+    name: haproxy
+    state: started
+    enabled: yes
+  register: start_result
+
+- name: Pause 30 seconds if haproxy was just started
+  pause: seconds=30
+  when: start_result | changed

roles/haproxy/templates/haproxy.cfg.j2

@@ -0,0 +1,48 @@
+# Global settings
+#---------------------------------------------------------------------
+global
+    chroot      /var/lib/haproxy
+    pidfile     /var/run/haproxy.pid
+    maxconn     4000
+    user        haproxy
+    group       haproxy
+    daemon
+
+    # turn on stats unix socket
+    stats socket /var/lib/haproxy/stats
+
+#---------------------------------------------------------------------
+# common defaults that all the 'listen' and 'backend' sections will
+# use if not designated in their block
+#---------------------------------------------------------------------
+defaults
+    mode                    http
+    log                     global
+    option                  httplog
+    option                  dontlognull
+    option http-server-close
+    option forwardfor       except 127.0.0.0/8
+    option                  redispatch
+    retries                 3
+    timeout http-request    10s
+    timeout queue           1m
+    timeout connect         10s
+    timeout client          1m
+    timeout server          1m
+    timeout http-keep-alive 10s
+    timeout check           10s
+    maxconn                 3000
+
+{% for frontend in haproxy_frontends %}
+frontend  {{ frontend.name }}
+    bind {{ frontend.bind }}
+    default_backend {{ frontend.default_backend }}
+{% endfor %}
+
+{% for backend in haproxy_backends %}
+backend {{ backend.name }}
+    balance {{ backend.balance }}
+{% for server in backend.servers %}
+    server      {{ server.name }} {{ server.address }} {{ server.opts }}
+{% endfor %}
+{% endfor %}

roles/openshift_master/tasks/main.yml

@@ -8,9 +8,9 @@
     - openshift_master_oauth_grant_method in openshift_master_valid_grant_methods
   when: openshift_master_oauth_grant_method is defined
 
-- fail:
-    msg: "openshift_master_cluster_password must be set for multi-master installations"
-  when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
+#- fail:
+#    msg: "openshift_master_cluster_password must be set for multi-master installations"
+#  when: openshift_master_ha | bool and not openshift.master.cluster_defer_ha | bool and openshift_master_cluster_password is not defined
 
 - name: Set master facts
   openshift_facts:
@@ -144,7 +144,7 @@
 
 - name: Start and enable master
   service: name={{ openshift.common.service_type }}-master enabled=yes state=started
-  when: not openshift_master_ha | bool
+#  when: not openshift_master_ha | bool
   register: start_result
 
 - set_fact: